Had a previous employee or I discovered it on the network segment after we had some weird routing issues and had to get that cleaned up. I don't know why anyone would do that when there is tons of private IP space.
It is more common than you would think\. Why use public IP's when you can have many rfc1918 options\. Always amazes me after the initial confusion\.
Richard
RFC1918 isn't big enough to cover all use cases. Think about a large
internet service providers. If you have ten million customers, 10.0.0.0/8
would be enough to number modems, but what happens when you need to number
video set top boxes and voice end points? I don't think anyone goes out and
says "Lets go use someone else's space, because I don't want to use this
perfectly good private space".
I worked alongside a company that used addresses assigned to the Syrian
govt for their "guest" network. They were a pretty large org, presumably
this was done to reduce risk - firewall rules, accidentally leaking guest
prefixes to their internal nets, or just straight-up simplicity. They were
in a pretty heavily regulated industry with restrictions on what companies
they could do business with, so there probably wasn't a huge risk of
reachability
issues.
Unless there isn't.. I've worked at more than one company that had used up all the private space. Then you have the cases where some M&A causes overlapping IP space. In addition, you'd also be surprised how many people just assign the entire 10/8 space into a flat IP space.
Or places like Ontario, where the government runs a registry service for
net 10/8 because we're all interconnecting our private networks over VPNs
and there were too many NATs.
Matt Hoppes <mattlists@rivervalleyinternet.net> writes:
Had a previous employee or I discovered it on the network segment after
we had some weird routing issues and had to get that cleaned up. I don't
know why anyone would do that when there is tons of private IP space.
Excuse 1: "We'll never connect to the internet!"
Excuse 2: "It's only temporary!"
Excuse 3: Typo (At some customers customer I found 192.!168 address which
where apparently a typo but in use for years so nobody wanted
to change it.) I also know one company who is using (has
used?) 2001:8db::/48. I suggested to get v6 PI an properly
implement IPv6 but never heard from them again.
Excuse 4: "We used the addresses from out training material." - I heard
this story some time ago: A large German government agency
wanted to implement IP(v4) and the people attended a course
about this new TCP/IP stuff at $Vendor. The training material
was prepared by a student who was using his university's /16 as
an example.
BTW: Is the Cisco WLC 1.1.1.1 as default address for DHCP?
I had a vendor at $dayjob prior to my arrival who assigned all their
customers ip space based on the customer number. when i got there all the
internal network was assigned space from an company in the middle east.
$dayjob didn't have the in-house knowledge to know what was going on and as
they never worried about the middle east it didn't affect their business.
This came to light with me on a forum where someone posted that they thought it strange that their MTA received an IP that is assigned to the DoD DNIC.
Where I work I have the opposite issue. They have a lot of public IPv4 space and only use it internally never be advertised to the internet. Something I have never agreed
With doing.
This came to light with me on a forum where someone posted that they thought it strange that their MTA received an IP that is assigned to the DoD DNIC.
Where I work I have the opposite issue. They have a lot of public IPv4 space and only use it internally never be advertised to the internet. Something I have never agreed
With doing.
Robert
Why? This is a perfectly legitimate use of the IP addresses. The purpose of assigning addresses is so that they are unique WORLD WIDE in whatever context you wish to use them in.
I going to guess you were talking about the use internally of public IP addresses..
But there are rules governing what to use where. So it is OK to hoard publicly addressable IPv4 IP's for internal
use that will never reach the outside world? No the way I have been taught.
Welcome to IPv6, where you have technically-reserved-for-future-use space that should never actually need to be used. Quite likely, you can use something like 440::/16 as your private space, but please don't do that unless you've exhausted the true private space.
My previous employer used 198.18/15 for CE links on IPVPN services.
Walgreens used an American SP's space internally and couldn't talk to
any users in that space as a result.